Balance Protection With Utility
Computers in an office could be completely protected if all the modems were torn out and everyone was kicked out of the room – but then they wouldn’t be of use to anyone. This is why one of the biggest challenges in IT security is finding a balance between resource availability and the confidentiality and integrity of the resources.
Rather than trying to protect against all kinds of threats, most IT departments focus on insulating the most vital systems first and then finding acceptable ways to protect the rest without making them useless. Some of the lower-priority systems may be candidates for automated analysis, so that the most important systems remain the focus.
Assign Minimum Privileges
For an information security system to work, it must know who is allowed to see and do particular things. Someone in accounting, for example, doesn’t need to see all the names in a client database, but he might need to see the figures coming out of sales. This means that a system administrator needs to assign access by a person’s job type, and may need to further refine
information stays private and is protected against unauthorized disclosure and prying eyes.
Integrity:
This principle guarantees the integrity and accuracy of data and protects it against modifications. This means that any changes to the information by an unauthorized user are impossible (or at least detected), and changes by authorized users are tracked.
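The following is an added example, not part of the original article: a minimal change log in which unauthorized changes are refused, authorized changes are tracked, and any modification made outside the tracked path is detected on verification. The key, the user names and the function names are hypothetical, and the record is assumed to start empty.

```python
import hashlib
import hmac
import json

# Constructed demo key; in practice it is held outside the system that stores the data.
AUDIT_KEY = b"constructed-demo-key"
AUTHORIZED = {"alice"}  # hypothetical set of users allowed to change records


def _tag(prev_tag: str, entry: dict) -> str:
    """HMAC over the previous tag plus this entry, chaining the log together."""
    payload = prev_tag.encode() + json.dumps(entry, sort_keys=True).encode()
    return hmac.new(AUDIT_KEY, payload, hashlib.sha256).hexdigest()


def apply_change(record: dict, log: list, user: str, field: str, value) -> bool:
    """Apply a change only for authorized users and track it in the log."""
    if user not in AUTHORIZED:
        return False  # unauthorized change is refused
    entry = {"user": user, "field": field, "old": record.get(field), "new": value}
    prev = log[-1]["tag"] if log else ""
    log.append({"entry": entry, "tag": _tag(prev, entry)})
    record[field] = value
    return True


def verify(record: dict, log: list) -> bool:
    """Replay the log; False if the log or the record was changed outside apply_change."""
    state, prev = {}, ""
    for item in log:
        if not hmac.compare_digest(item["tag"], _tag(prev, item["entry"])):
            return False  # log entry edited or reordered
        if state.get(item["entry"]["field"]) != item["entry"]["old"]:
            return False  # recorded history is inconsistent
        state[item["entry"]["field"]] = item["entry"]["new"]
        prev = item["tag"]
    return state == record  # record must match what the tracked changes produce


if __name__ == "__main__":
    record, log = {}, []
    apply_change(record, log, "alice", "invoice_total", 1200)   # tracked
    apply_change(record, log, "mallory", "invoice_total", 1)    # refused
    print(verify(record, log))
    record["invoice_total"] = 1  # modification that bypasses the tracked path
    print(verify(record, log))
```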
Availability:
This principle ensures that the information is fully accessible whenever authorized users need it. This means that all the systems used to store, process, and secure all data must be functioning correctly at all times.
So, armed with these higher-level principles, IT security specialists have come up with best practices to help organizations ensure that their information stays safe.
IT Security Best Practices
There are many best practices in IT security that are specific to certain industries or businesses, but some apply broadly.